checking.
Once upon a time, Raju Mathur <[EMAIL PROTECTED]> found a keyboard. And typed:
>[All 2.4 kernels up to and including 2.4.3 are vulnerable. Please
>upgrade as soon as 2.4.4 is released -- Raju]
>
>This is an RFC 1153 digest.
>(1 message)
>----------------------------------------------------------------------
>
>From: [EMAIL PROTECTED]
>Sender: Bugtraq List <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: [RHSA-2001:052-02] FTP iptables vulnerability in 2.4 kernel
>Date: Thu, 19 Apr 2001 16:00:00 -0400
>
>---------------------------------------------------------------------
> Red Hat, Inc. Red Hat Security Advisory
>
>Synopsis: FTP iptables vulnerability in 2.4 kernel
>Advisory ID: RHSA-2001:052-02
>Issue date: 2001-04-19
>Updated on: 2001-04-19
>Product: Red Hat Linux
>Keywords: FTP iptables ip_conntrack_ftp
>Cross references:
>Obsoletes:
>---------------------------------------------------------------------
>
>1. Topic:
>
>A security hole has been found that does not affect the default
>configuration of Red Hat Linux, but can affect some custom
>configurations of Red Hat Linux 7.1 only. The bug is specific
>to the Linux 2.4 kernel series.
>
>2. Relevant releases/architectures:
>
>
>
>3. Problem description:
>
>A vulnerability in iptables "RELATED" connection tracking has been
>discovered. When using iptables to allow FTP "RELATED" connections
>through the firewall, carefully constructed PORT commands can open
>arbitrary holes in the firewall.
>
>The iptables system is included in the 2.4 kernel series, but not in
>the earlier 2.2 kernel series used in Red Hat Linux 6.x and Red Hat
>Linux 7.0.
>
>Red Hat Linux 7.1 uses a 2.4 kernel and provides the ip_conntrack_ftp
>module that has this bug. However, Red Hat Linux does not currently
>configure iptables (the default firewall configuration uses ipchains
>instead), so unless you have explicitly configured iptables and
>enabled FTP "RELATED" connections through the firewall, you are not
>vulnerable to attack.
>
>4. Solution:
>
>Red Hat will be releasing a kernel with this and other bugs fixed
>shortly. In the meantime, we strongly recommend that users of
>iptables not allow FTP "RELATED" connections.
>
>5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):
>
>
>
>6. RPMs required:
>
>
>
>7. Verification:
>
>MD5 sum Package Name
>--------------------------------------------------------------------------
>
>
>These packages are GPG signed by Red Hat, Inc. for security. Our key
>is available at:
> http://www.redhat.com/corp/contact.html
>
>You can verify each package with the following command:
> rpm --checksig <filename>
>
>If you only wish to verify that each package has not been corrupted or
>tampered with, examine only the md5sum with the following command:
> rpm --checksig --nogpg <filename>
>
>8. References:
>
>http://www.tempest.com.br/advisories/01-2001.html
>http://www.securityfocus.com/templates/archive.pike?list=1&mid=177070
>http://slashdot.org/comments.pl?sid=01/04/19/047249&cid=36
>
>
>Copyright(c) 2000, 2001 Red Hat, Inc.
>
>------------------------------
>
>End of this Digest
>******************
>
>--
>Raju Mathur [EMAIL PROTECTED] http://kandalaya.org/
>
========End of Original Message=============Know Gnu, Know Freedom=
--
Regards,
V Suresh.
Mail: [EMAIL PROTECTED] URL: www16.brinkster.com/vsuresh
......................................................
.Debian GNU/Linux Potato - The Soul of My GNU Machine.
......................................................
9:33pm up 23 min, 5 users, load average: 1.00, 0.99, 0.75
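
The quoted advisory says a host is exposed only when iptables accepts FTP "RELATED" connections and the ip_conntrack_ftp module is in use. The script below is an added example (not part of the advisory or of either poster's message) that checks an `iptables-save` dump and a `/proc/modules`-style listing for that combination. The function names, the sample files and the later module name `nf_conntrack_ftp` are assumptions that do not appear in the original.

```shell
#!/bin/sh
# Added example: flags the configuration the advisory calls vulnerable.
# It checks configuration only, not whether the kernel carries the fix.

# Print ACCEPT rules from iptables-save text whose state match has RELATED.
related_accept_rules() {
    awk '/^-A / && / -j ACCEPT/ {
        for (i = 1; i < NF; i++)
            if (($i == "--state" || $i == "--ctstate") &&
                ("," $(i + 1) ",") ~ /,RELATED,/) { print; break }
    }'
}

# Succeed if the FTP helper is in a /proc/modules-style file ($1).
# ip_conntrack_ftp is the name on the page; nf_conntrack_ftp is the later name.
ftp_helper_loaded() {
    awk '$1 == "ip_conntrack_ftp" || $1 == "nf_conntrack_ftp" { found = 1 }
         END { exit !found }' "$1"
}

# $1 = iptables-save dump, $2 = module listing. Returns 1 only for EXPOSED.
audit() {
    rules=$(related_accept_rules < "$1")
    if [ -z "$rules" ]; then
        echo "OK: no rule accepts RELATED"; return 0
    fi
    if ftp_helper_loaded "$2"; then
        echo "EXPOSED: FTP helper loaded and RELATED accepted:"
        echo "$rules"; return 1
    fi
    echo "REVIEW: RELATED accepted, FTP helper not loaded"; return 0
}

# Constructed sample input (not taken from the advisory).
demo_dir=$(mktemp -d)
cat > "$demo_dir/rules" <<'EOF'
*filter
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -p tcp --dport 21 -m state --state NEW -j ACCEPT
COMMIT
EOF
printf 'ip_conntrack_ftp 3440 0\nip_conntrack 13040 1\n' > "$demo_dir/modules"
audit "$demo_dir/rules" "$demo_dir/modules" || true
```

On a live host the two inputs would be the saved output of `iptables-save` and a copy of `/proc/modules`.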